How To Hack Bank Accounts By Using Zeus

How To Hack Bank Accounts By Using Zeus

How To Hack Bank Accounts By Using Zeus

How To Hack Bank Accounts By Using Zeus

After many people asking for tutorials about Remote Administration Tool (RAT), today we will learn how to set up Remote Administration Tool Zeus BotNet (RAT). We choose Zeus because Zeus was one of the famous trojan horses in history that is infecting many computers worldwide.
If you don’t know about Zeus, here is some definition from Wikipedia:

Zeus is a Trojan horse that steals banking information by Man-in-the-browser keystroke logging and Form Grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009, security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA,, ABC, Oracle,, Cisco, Amazon, and BusinessWeek.


1. Remote Administration Tool(RAT) Zeus BotNet (Download)

2. Web Server + Database Server (in this example we use XAMPP)

Remote Administration Tool(RAT) Zeus BotNet:

1. Firstly, we need to install the web server and database server. Since we’re using XAMPP for this tutorial, you can refer to the previous step-by-step How to Install XAMPP in 7 Simple Steps to install XAMPP on a Windows machine and make sure your XAMPP Apache and MySQL service was started and running.

2. Open the internet browser and type http://localhost/phpmyadmin. Input the username and password, by default the username, is root and the password leaves it empty. After that create a new database, I named it a bot, but you can change it into whatever you want. This database name will be used for the installation of the remote administration tool.

3. In The next step we need to download the remote administration tool file and extract it, you will find 3 main folder builders, other, and server[php]. Create a new folder inside C:\xampp\htdocs. I give the folder name as a bot, then copy the server[php] contents into C:\xampp\htdocs\bot.

4. Now back again into our web browser and type http://localhost/bot/install into the address bar. Input all required fields with the correct information. – See more at: administration-tool-Zeus-botnet-rat/#sthash.nzCeUEf9.dpuf


– The host address for MySQL is filled with your database server IP address. If you run XAMPP it should be your IP address.

– Database is filled with information about our database name that was already created in step 2.

– Encryption key you can file with any characters with length from 1 – 255

Click Install to start installing.

Notes: If you get this error

ERROR: Failed to connect to MySQL server: Host ‘my username’ is not allowed to connect to this MySQL server.
You need to do the following step by step

a. Open your PHPMyAdmin http://localhost/phpmyadmin and click the Privileges tab. Click the edit button to edit the root user privileges.
b. In the edit user page, scroll down and find the login information section. Change the Host from localhost to Any host and press the Go button.

5. This is the information preview if Zeus remote administration tool web server was successfully installed.

6. The next step is configuring and creating the Zeus bot client. Open the builder folder and open the config.txt configuration file. Change the url_config, url_loader, and url_server configuration according to your setting, you can see my setting in the picture below.

Note: don’t forget to edit the path of webinjects.txt.

7. Now for the next step, open the zsb.exe file. In the picture below I’ve already created the step by step to build the bot executable. Just follow the step.

8. After all the build bot config and bot executable on step 7, now we have the new file config.bin and bot.exe. Copy that two files into the htdocs folder. Mine was inside C:\xampp\htdocs\bot.

9. Now let’s say we will send the generated bot.exe to the victim. After the victim executes the file we can check our attacker server. Open the browser and type http://localhost/bot/cp.php and insert your username and password.

10. We can see the new infected victim in the web interface and even view the desktop screenshot of the victim.


1. When the victim is already infected, an attacker can gather any information from the victim including all internet activities, and even gather all the website username and password since this tool can act as a keylogger and capture the login information.

2. To prevent the attack of this trojan, always update your operating system and anti-virus, and do not click any link that looks suspicious in your mail or chats messenger.

You can also buy instant:


Cashapp Money Transfer Click here

Paypal Money Transfer Click here

Western Union  Money Transfer Click here

Venmo Money Transfer Click here

Bank Money Transfer Click here to Contact Us

Leave a Reply